[nsp-sec] List of vulnerable DNS resolvers
Nicolas FISCHBACH
nicolist at securite.org
Wed Jul 23 13:07:37 EDT 2008
Florian Weimer wrote:
>
> Okay, this means that there is some chance that your list includes
> resolvers that use an interval of 1024 different source ports. I
> wouldn't consider them vulnerable (and in many cases, their operators
> have actually applied a vendor patch and are probably confused why
> they receive a notification that says something else).
We are not (re. my Nominum post from yesterday - BTW, thanks Paul/Florian/
Gerard) but some of our customers are starting to drive us nuts thru various
escalation channels and it look like we are going to have to apply a CNS
beta that "fixes" the POOR rating from the various online checking tools...
Nico.
--
Nicolas FISCHBACH
Senior Manager - Network Engineering/Security - COLT Telecom
e:(nico at securite.org) w:<http://www.securite.org/nico/>
More information about the nsp-security
mailing list